Akash Bansal
asked on
How to access my RWW or access my server using RDP/MSTSC from outside the office when port 443 is already in use
I have a Windows 2012 R2 Domain controller (VM) & Exchange 2013 with all the roles on another Windows 2012 R2 (VM)
These both virtual machine are hosted on Windows 2012 R2 single physical IBM machine.
I have forwarded port 443 using my router to Exchange 2013 private IP 192.168.5.5 (web access to exchange OWA)
Now I want to access Remote Work Space (RWW) that is enabled on the Domain Controller
I have found that its is also using port 443.
My router supports single wan connection. Cisco RV120W
(http://www.cisco.com/c/en/us/products/routers/rv120w-wireless-n-vpn-firewall/index.html)
So i can only use single IP address (though my ISP has allotted 5 public static IP)
How to access my RWW or access my server using RDP/MSTSC from outside the office.
These both virtual machine are hosted on Windows 2012 R2 single physical IBM machine.
I have forwarded port 443 using my router to Exchange 2013 private IP 192.168.5.5 (web access to exchange OWA)
Now I want to access Remote Work Space (RWW) that is enabled on the Domain Controller
I have found that its is also using port 443.
My router supports single wan connection. Cisco RV120W
(http://www.cisco.com/c/en/us/products/routers/rv120w-wireless-n-vpn-firewall/index.html)
So i can only use single IP address (though my ISP has allotted 5 public static IP)
How to access my RWW or access my server using RDP/MSTSC from outside the office.
ASKER
thanks for the suggestion
sorry i missed mentioning that I don't want to setup or connect through VPN
sorry i missed mentioning that I don't want to setup or connect through VPN
There are still 2 other suggestions ...
ASKER
I am trying option number 2.
Port Forwarding Rule Table
Action Service Status Source IP Destination IP Internal Port
Always Allow rww Enabled Any 192.168.5.2 443
Always Allow mail Enabled Any 192.168.5.5 443
Custom Service Table
Name Type ICMP Type / Port Range / Protocol Number
mail TCP 443 - 443
rww TCP 444 - 444
from out side the network i am trying:
https://mail.mydomain.com (this is landing at exchange owa & working fine)
https://rww.mydomain.com:444 (this is not working)
Port Forwarding Rule Table
Action Service Status Source IP Destination IP Internal Port
Always Allow rww Enabled Any 192.168.5.2 443
Always Allow mail Enabled Any 192.168.5.5 443
Custom Service Table
Name Type ICMP Type / Port Range / Protocol Number
mail TCP 443 - 443
rww TCP 444 - 444
from out side the network i am trying:
https://mail.mydomain.com (this is landing at exchange owa & working fine)
https://rww.mydomain.com:444 (this is not working)
Can you try (just for test) to redirect 443 to RWW for a short time? Just seeing if the HTTPS port is all you need, or you have to redirect 987 too.
ASKER
I guess I had to reboot the router after configuring the 444 redirection.
I have rebooted the router now.
I guess I am able to hit the rww server after rebooting the router; getting certification revoked error.
I need to buy a new certificate. Once I fix the certification issue, I would get back to you.
Thanks for the valuable suggestions. :)
I have rebooted the router now.
I guess I am able to hit the rww server after rebooting the router; getting certification revoked error.
I need to buy a new certificate. Once I fix the certification issue, I would get back to you.
Thanks for the valuable suggestions. :)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
or set-up the nat rules
WAN LAN Protocol device
443 443 TCP exchangeipaddress
444 443 TCP RWWipaddress
WAN LAN Protocol device
443 443 TCP exchangeipaddress
444 443 TCP RWWipaddress
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
As per Mr. Cliff even setting up NAT rules(suggested by Mr. David) or mapping (suggested point 2 by Mr. Olemo) would not work in my case.
Use of reverse proxy would also add new set of issues.
So, could you suggest any economical router, preferably cisco small business series or equivalent.
I have cisco RV042/ RVS4000 / RV120W & TP LINK TL-R470T+ http://www.tp-link.in/products/details/?model=TL-R470T%2B
Use of reverse proxy would also add new set of issues.
So, could you suggest any economical router, preferably cisco small business series or equivalent.
I have cisco RV042/ RVS4000 / RV120W & TP LINK TL-R470T+ http://www.tp-link.in/products/details/?model=TL-R470T%2B
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks CLiff, you always helpful to me. :)
I can understand UTM like sonicwall is the right fit.
Need $100-$200 router that just accomplish the purpose. My clients don't have much budget.
Wish we could find some. All the clients have only 10-30 users max.
I can understand UTM like sonicwall is the right fit.
Need $100-$200 router that just accomplish the purpose. My clients don't have much budget.
Wish we could find some. All the clients have only 10-30 users max.
The entry level UTMs are in the $200 range.
ASKER
I called up CISCO, they enabled one to one NAT, it solved the purpose & enabled me to use second public IP as well.
It worked like a charm.
It worked like a charm.
ASKER
It worked on $100 CISCO RV series router.
2. Use a different public port, and map that to the real IP and port.
3. Create a virtual web root on the Exchange IIS with redirection to the real server (no clue how to do that, though).